DATA PRIVACY NOTICE 1.0
April 2018 – To Date
Effective Web Solutions Limited
1. Who we are?
Effective Web Solutions Limited is an ecommerce company who operate the Mini Model Shop. The Mini Model Shop is an online diecast model shop.
Effective Web Solutions Limited (referred to as ‘we’) are the ‘controller’ of the personal data you provide to the Mini Model Shop. This means we decide how your personal data is processed and for what purposes. Our contact details are: Effective Web Solutions Ltd, 11 Riverside, Sir Thomas Longley Road, Medway City Estate, Kent, ME2 4DP 01634 718190.
2. Your Personal Data - What is this?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (GDPR).
3. Your Personal Data - What we collect
We collect your personal data in order to process your order and deliver your goods to you. The information we collect includes your name & address, the delivery name & address, your email address, telephone number, mobile number, IP address, reason for purchase, how you found us and any special message relating to your order.
Your payment information will be collected and held by one of our payment providers (either WorldPay, Stripe or Paypal). We do not hold your financial debit/credit card information.
If you choose to join our discount club, we will collect your order history, your areas of interest and newsletter subscription preferences.
We also collect data from your browsing behaviour, which helps us understand how our customers interact with our website. We use this data to help us improve our website design, functionality and enhance our customer experience.
We will not collect any unnecessary personal data from you, only data that is relevant to your order and if requested product preferences.
4. Your Personal Data - How do we process your data?
We adhere to comply with the obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We use your personal data for the following purposes: -
- Internal record keeping.
- To enable us to process your order (we may contact you via email/telephone to discuss your order).
- To allow us to distribute your goods (if your order is being delivered via courier and you have provided your mobile telephone number, you will receive a text message from our courier company detailing a time slot for your delivery).
- To keep a record of the products you have purchased.
- To respond to enquiries and provide customer support.
- To administer our loyalty club and communicate information regarding the club with members.
- To operate our website and deliver the services that individuals have requested.
- To maintain our own accounts and records in line with the legal requirements.
- Send you emails regarding the status of your order, asking you to review your purchase and invite you to join our loyalty club programme.
- If you give us consent to do so, we will use your name and email address to inform you of our future events, promotions, similar products and loyalty club membership information. This information is not shared with any third parties and you can unsubscribe at any time via phone, email or on our website (if you have created an account). Our contact details can be found at the end of this Policy. We will only email you with marketing messages and promotions if you actively tick the subscription box either at the checkout, in your account login area or at the newsletter subscription request box.
5. What is the legal basis for processing your personal data?
The lawful bases for processing your personal data are:
- Contract: Processing your personal data is necessary in order to fulfil a sales contract between the us and yourself. If you have purchased a product from us, we will need to use your personal data in order to process the order and distribute the goods to you. We will also need to process your personal data if you have asked us to take specific steps before entering into a contract. If you do not provide the required personal data, we will not be able to fulfil your order.
- Consent: You have given us clear consent to use your personal data to keep you informed of upcoming events, promotions and details of your loyalty club membership.
- Legitimate Interests: We have a real reason to process your data which will be a direct benefit to both you and us. This could include; to identify and protect against fraud; better understand how people interact with our website; to determine the effectiveness of promotional campaigns and advertising; to enhance or personalise our services for the benefit of our customers; or for direct marketing purposes. You have the right to object to this processing if you wish (see below for our contact details).
6. Your Personal Data - Do we share it?
Your personal data will be treated as strictly confidential. We provide your personal data to our distribution partners (domestic - Royal Mail and DPD, international - Transglobal or the national postal service in your country) in order to safely deliver your goods in a timely manner.
Data from your browsing behaviour is shared with Google Analytics which gives us an insight into how our customers interact with our website. We have activated the IP anonymisation within Google Analytics, so you are not identifiable.
We do not share, sell or lease your personal details with any third party organisations for the use of marketing purposes.
If you have given consent to receive our email newsletters, we will store your details on our email marketing agency platform, Pure360, in order to deliver any email communications to you.
7. Your Personal Data - How long do we keep your data?
- Customer orders – permanently, in order to satisfy HMRC requirements, aid with stock control and allow us to administer our loyalty club programme.
- Customer enquiries – 2 years post enquiry in order to answer all enquiries. If you request to be informed when a new product is released, this can take up to 24 months.
- Newsletter Subscribers – until end of customer relationship (until you notify us that you no longer wish to receive communications from us).
8. How do we keep your personal data secure?
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable electronic and managerial procedures to safeguard and secure the information we collect online. All data is securely stored using RSA 2048 bit encryption.
All your personal data is hosted on servers which are located in the UK and is processed by our UK based employees.
No 3rd parties have access to your personal data unless the law allows them to do so. We have a data protection regime in place to oversee the effective and secure processing of your personal data.
A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
- Internet Explorer
- Google Chrome
- Mozilla Firefox
- Apple Safari
For the exhaustive list of cookies we collect see the 'List of Cookies we collect' section at the end of this Policy.
10. Links to other websites
11. What are your rights?
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: -
- The right to request a copy of your personal data which we hold about you;
- The right to request that we correct any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary for us to retain such data;
- The right to withdraw your consent to the processing at any time;
- The right to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability);
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- The right to object to the processing of personal data;
- The right to lodge a complaint with the Information Commissioners Office.
If you believe that any information we are holding on you is incorrect or incomplete, please contact us as soon as possible at the below address. We will promptly correct any information found to be incorrect.
14. Contact Details
To exercise all relevant rights, queries or complaints please in the first instance contact Effective Web Solutions Limited on 01634 718190.
If you wish to exercise your right to withdraw consent to use your personal data for marketing purposes, please either:-
- Use the ‘unsubscribe’ link at the bottom of your last marketing email.
- Unsubscribe via your online account. Log in, select ‘My Account’ then select the ‘Newsletter Subscriptions’ tab. Click on the ‘General Subscription’ opt-in box so this is no longer green. Please then remember to click on the ‘Save’ button.
- Contact us on the above telephone number and we will remove you from our mailing list.
You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.
List of cookies we collect
The table below lists the cookies we collect and what information they store.
|Magento||FRONTEND, FRONTEND_CID, USER_ALLOWED_SAVE_COOKIE, EXTERNAL_NO_CACHE, PERSISTENT_SHOPPING_CART, STF, GUEST-VIEW||
These cookies are essential for our websites to operate, we use them to identify you as a user between page loads. This allows us to remember certain settings, for example, the part of our website you were using before you were asked to sign in or register.
|Google Analytics||_UTMA, _UTMB, _UTMC, _UTMZ, _GA, _GAT, _GID||
These cookies are used to collect anonymised information about how visitors use our site. We use this information to compile reports which help us improve our websites. The cookies collect information such as the number of visitors, how they arrived there and the pages they visited.
We use AddThis (a tool for integrating social media websites like Facebook and Twitter) which may set a number of cookies on your computer. The social network sites may also set a cookie when you are logged in to their service. AddThis provides analytics to help us better understand our visitors. For example, to tell us how many people are sharing content. All tracking is completely anonymous and movements and activity are not traced back to an individual user.
|Visual Web Optimiser||https://vwo.com/knowledge/what-are-the-cookies-stored-by-vwo/||
A number of cookies are used by Google AdWords to target and re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites. Registers anonymised user data, such as IP address, geographical location, visited websites, and what ads the user has clicked, with the purpose of optimising ad display based on the user's movements.
We use wurfl.io to detect what type of device you are using.
We embed videos from YouTube with privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player. These cookies might be used by YouTube to show you targeted ads based on your browsing activity.